from the yup,-this-system-works-so-well dept

With the UN report condemning three strikes, we've seen a few governments suggest a bit more caution about such laws, but over in Ireland things are getting strange. You may recall a few years back the Irish ISP Eircom got sued for not implementing a three strikes plan. While it first fought back, it eventually caved and agreed to implement a three strikes plan. There was apparently some back room dealing as well, in which Eircom wanted the recording industry to go after other ISPs as well, which has happened. In a trial testing the legitimacy of Eircom's three strikes laws, a judge ruled entirely the flip side of the UN report, claiming that kicking people off the internet was fine because it was actually copyright that was a human right, not internet access.

Of course, one of the problems with a three strikes provision is the fact that it's based purely on accusations, rather than convictions. And that's pretty ridiculous when the data used for the accusations is notoriously inaccurate. But, it gets even worse when an ISP like Eircom apparently sent hundreds of "first strike" notices to people who were entirely innocent, blaming it on a glitch (found via Torrentfreak). It's now leading to an investigation by the Irish Data Protection Commissioner. Eircom has tried to brush it off due to a technical error having to do with daylight savings time (seriously?!?), but it highlights the larger problems with these kinds of schemes. And those problems mean that the Data Protection Commissioner is looking at the entire three strikes plan to see if it's legit:

The significance of this case goes well beyond simple technical failings however, as the complaint to the Data Protection Commissioner has triggered a wider investigation of the legality of the entire three strikes system. According to the Sunday Times, "the DPC said it was investigating the complaint 'including whether the subject matter gives rise to any questions as to the proportionality of the graduated response system operated by Eircom and the music industry'."

This is unsurprising. When the Eircom / music industry three strikes settlement was being agreed, the Data Protection Commissioner identified significant data protection problems with it. These problems remain, notwithstanding the deeply flawed High Court judgement which permitted the parties to operate the system - a judgement which, for example, decided on the question of whether or not IP addresses are personal data without once considering the views of the Article 29 Working Party. The Data Protection Commissioner was not convinced by that judgement (it was problematic at least in part because the Commissioner was not represented - the only parties before the court had a vested interest in the system being implemented). However, until a concrete complaint arose no further action could be taken.

The complaint in this case has now triggered that action, and it seems likely that the Commissioner will reach a decision reflecting his previous views that using IP addresses to cut off customers' internet connections is disproportionate and does not constitute "fair use" of personal information. If so, the Commissioner has the power and indeed the duty to issue an enforcement notice which would prevent Eircom from using personal data for this purpose - an outcome which would derail the three strikes system unless Eircom successfully challenges that notice before the courts, or unless the music industry were to succeed in its campaign to secure legislation introducing three strikes into Irish law.

from the borderline-extortion dept

We've already discussed how operations like DigiProtect and ACS:Law are operating a rather questionable business of purposely putting content online, tracking the IP addresses of anyone who downloads that content, and then sending letters demanding payment to avoid a lawsuit. While it's not clear if any of these lawsuits are ever filed, many people are frightened into just paying up, even if they've done nothing wrong. And, in fact, it appears that many innocent users are receiving these letters, in such a blanket campaign. While some may call it "collateral damage" if a small percentage of innocent people receive these letters, it's still quite problematic, and a highly questionable business practice.

from the we're-from-the-gov't-and-we're-here-to-help-Hollywood dept

With all of the concern over the proposed bill in the UK to kick file sharers off the internet based on accusations (not convictions), some have been raising concerns about innocent users kicked off the internet. Culture Minister Sion Simon has hit back at those claims insisting that the innocent won't be kicked offline. Really. Trust us. Or something like that. The main reason he claims that it won't impact the innocent is because multiple letters will be sent and there will be an "appeals" process. Of course, that ignores the fact that this could still be quite a disruption in someone's life. If they're falsely accused, they risk losing their internet access and have to fight an appeal? That could be costly in terms of both time and money. And, of course, we've already seen, with other similar threats, that the warning letters sometimes get sent to the wrong address or wrong person and get ignored entirely.